Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
194 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Evaluating the Impact of Community Oversight for Managing Mobile Privacy and Security (2306.02289v4)

Published 4 Jun 2023 in cs.HC

Abstract: Mobile privacy and security can be a collaborative process where individuals seek advice and help from their trusted communities. To support such collective privacy and security management, we developed a mobile app for Community Oversight of Privacy and Security ("CO-oPS") that allows community members to review one another's apps installed and permissions granted to provide feedback. We conducted a four-week-long field study with 22 communities (101 participants) of friends, families, or co-workers who installed the CO-oPS app on their phones. Measures of transparency, trust, and awareness of one another's mobile privacy and security behaviors, along with individual and community participation in mobile privacy and security co-management, increased from pre- to post-study. Interview findings confirmed that the app features supported collective considerations of apps and permissions. However, participants expressed a range of concerns regarding having community members with different levels of technical expertise and knowledge regarding mobile privacy and security that can impact motivation to participate and perform oversight. Our study demonstrates the potential and challenges of community oversight mechanisms to support communities to co-manage mobile privacy and security.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (68)
  1. "strike at the root": Co-designing real-time social media interventions for adolescent online risk prevention. Proc. ACM Hum.-Comput. Interact., 7(CSCW1), apr 2023.
  2. CO-OPS: A mobile app for community oversight of privacy and security. In Companion Publication of the 2022 Conference on Computer Supported Cooperative Work and Social Computing, CSCW’22 Companion, page 179–183, New York, NY, USA, 2022. Association for Computing Machinery.
  3. It takes a village: A case for including extended family members in the joint oversight of family-based privacy and security for mobile smartphones. In Extended Abstracts of the 2023 CHI Conference on Human Factors in Computing Systems, CHI EA ’23, New York, NY, USA, 2023. Association for Computing Machinery.
  4. From parental control to joint family oversight: Can parents and teens manage mobile online safety and privacy as equals? Proc. ACM Hum.-Comput. Interact., 6(CSCW1), apr 2022.
  5. Designing a Mobile Application to Support Social Processes for Privacy. In Workshop on Usable Security, Internet Society, 2019.
  6. Your Location has been Shared 5,398 Times! A Field Study on Mobile App Privacy Nudging. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, CHI ’15, pages 787–796, New York, NY, USA, April 2015. Association for Computing Machinery.
  7. Permission vs. app limiters: Profiling smartphone users to understand differing strategies for mobile privacy management. In Proceedings of the 2022 CHI Conference on Human Factors in Computing Systems, CHI ’22, New York, NY, USA, 2022. Association for Computing Machinery.
  8. Monica Anderson. Mobile apps, privacy and permissions: 5 key takeaways, 2015.
  9. Towards assets-based approaches for adolescent online safety. In Badillo-Urquiola, Agha, Z., Akter, K., Wisniewski, P.,(2020)“Towards Assets-Based Approaches for Adolescent Online Safety” Extended Abstract presented at the ACM Conference on Computer-Supported Cooperative Work Workshop on Operationalizing an Assets-Based Design of Technology,(CSCW 2020), 2020.
  10. Happypermi: Presenting critical data flows in mobile application to raise user security awareness. In Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems, CHI EA ’19, page 1–6, New York, NY, USA, 2019. Association for Computing Machinery.
  11. Albert Bandura. Self-efficacy mechanism in human agency. American psychologist, 37(2):122, 1982.
  12. Joseph Bonneau. Alice and Bob’s life stories: Cryptographic communication using shared experiences. In 17th International Workshop on Security Protocols, 2009.
  13. Privacy suites: Shared privacy for social networks. In Proceedings of the 5th Symposium on Usable Privacy and Security, SOUPS ’09, New York, NY, USA, 2009. Association for Computing Machinery.
  14. Automatically granted permissions in android apps: An empirical study on their prevalence and on the potential threats for privacy. In Proceedings of the 17th International Conference on Mining Software Repositories, MSR ’20, page 114–124, New York, NY, USA, 2020. Association for Computing Machinery.
  15. Community collective efficacy: structure and consequences of perceived capacities in the Blacksburg Electronic Village. In 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the, pages 10 pp.–, Big Islane, HI, USA, January 2003. Institute of Electrical and Electronics Engineers.
  16. Collective efficacy as a measure of community. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI ’05, page 1–10, New York, NY, USA, 2005. Association for Computing Machinery.
  17. Measuring user confidence in smartphone security and privacy. In Proceedings of the Eighth Symposium on Usable Privacy and Security, SOUPS ’12, New York, NY, USA, 2012. Association for Computing Machinery.
  18. Co-designing for community oversight: Helping people make privacy and security decisions together. Proc. ACM Hum.-Comput. Interact., 3(CSCW), nov 2019.
  19. Parents’ and teens’ perspectives on privacy in a technology-filled world. In Proceedings of the Tenth USENIX Conference on Usable Privacy and Security, SOUPS ’14, page 19–35, USA, 2014. USENIX Association.
  20. Lee J. Cronbach. Coefficient alpha and the internal structure of tests. Psychometrika, 16(3):297–334, September 1951.
  21. The effect of social influence on security sensitivity. In Proceedings of the Tenth USENIX Conference on Usable Privacy and Security, SOUPS ’14, page 143–157, USA, 2014. USENIX Association.
  22. The role of social influence in security feature adoption. In Proceedings of the 18th ACM Conference on Computer Supported Cooperative Work & Social Computing, CSCW ’15, page 1416–1426, New York, NY, USA, 2015. Association for Computing Machinery.
  23. Fred Davis. Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS Quarterly, 13:319, 1989.
  24. Social navigation as a model for usable security. In Proceedings of the 2005 Symposium on Usable Privacy and Security, SOUPS ’05, page 101–108, New York, NY, USA, 2005. Association for Computing Machinery.
  25. Security in the wild: user strategies for managing security as an everyday, practical problem. Personal and Ubiquitous Computing, 8(6):391–401, November 2004.
  26. Mica R. Endsley. Toward a Theory of Situation Awareness in Dynamic Systems. Human Factors, 37(1):32–64, March 1995. Publisher: SAGE Publications Inc.
  27. Understanding privacy awareness in android app descriptions using deep learning. In Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy, pages 203–214, 2020.
  28. Android permissions: User attention, comprehension, and behavior. In Proceedings of the Eighth Symposium on Usable Privacy and Security, SOUPS ’12, New York, NY, USA, 2012. Association for Computing Machinery.
  29. Demonstrating rigor using thematic analysis: A hybrid approach of inductive and deductive coding and theme development. International Journal of Qualitative Methods, 5(1):80–92, 2006.
  30. Securacy: An empirical investigation of android applications’ network usage, privacy and security. In Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, WiSec ’15, New York, NY, USA, 2015. Association for Computing Machinery.
  31. Safety vs. surveillance: What children have to say about mobile apps for parental control. In Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems, CHI ’18, page 1–14, New York, NY, USA, 2018. Association for Computing Machinery.
  32. Supporting privacy management via community experience and expertise. Communities and Technologies 2005, 01 2005.
  33. Majid Hatamian. "hard to understand, easy to ignore:" an automated approach to predict mobile app permission requests: Student research abstract. In Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing, SAC ’19, page 1979–1982, New York, NY, USA, 2019. Association for Computing Machinery.
  34. An effective approach to mobile device management: Security and privacy issues associated with mobile applications. Digital Business, 1(1):100001, 2020.
  35. To permit or not to permit, that is the usability question: Crowdsourcing mobile apps’ privacy permission settings. Proc. Priv. Enhancing Technol., 2017(4):119–137, 2017.
  36. A Conundrum of Permissions: Installing Applications on an Android Smartphone. In Jim Blyth, Sven Dietrich, and L. Jean Camp, editors, Financial Cryptography and Data Security, Lecture Notes in Computer Science, pages 68–79, Berlin, Heidelberg, 2012. Springer.
  37. Towards building community collective efficacy for managing digital privacy and security within older adult communities. Proc. ACM Hum.-Comput. Interact., 4(CSCW3), jan 2021.
  38. Examining collaborative support for privacy and security in the broader context of tech caregiving. Proc. ACM Hum.-Comput. Interact., 5(CSCW2), oct 2021.
  39. Expectation and purpose: Understanding users’ mental models of mobile app privacy through crowdsourcing. In Proceedings of the 2012 ACM Conference on Ubiquitous Computing, UbiComp ’12, page 501–510, New York, NY, USA, 2012. Association for Computing Machinery.
  40. Someone to watch over me. In Proceedings of the 2012 New Security Paradigms Workshop, NSPW ’12, page 67–76, New York, NY, USA, 2012. Association for Computing Machinery.
  41. Follow My Recommendations: A Personalized Privacy Assistant for Mobile App Permissions. pages 27–41, 2016.
  42. Understanding mobile users’ privacy expectations: A recommendation-based method through crowdsourcing. IEEE Transactions on Services Computing, 12(2):304–318, 2019.
  43. Demystifying resource management risks in emerging mobile app-in-app ecosystems. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, CCS ’20, pages 569–585. Association for Computing Machinery, 2020.
  44. Michael Lutaaya. Rethinking app permissions on ios. In Extended Abstracts of the 2018 CHI Conference on Human Factors in Computing Systems, CHI EA ’18, page 1–6, New York, NY, USA, 2018. Association for Computing Machinery.
  45. Mary Madden. Privacy, Security, and Digital Inequality, September 2017. Publisher: Data & Society Research Institute.
  46. Susceptibility to Social Influence of Privacy Behaviors | Proceedings of the 2017 ACM Conference on Computer Supported Cooperative Work and Social Computing, 2017.
  47. Social support for mobile security: Comparing close connections and community volunteers in a field experiment. In Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems, CHI ’23, New York, NY, USA, 2023. Association for Computing Machinery.
  48. "how do you not lose friends?": Synthesizing a design space of social controls for securing shared digital resources via participatory design jams. In 31st USENIX Security Symposium (USENIX Security 22), pages 881–898, Boston, MA, August 2022. USENIX Association.
  49. Individually vulnerable, collectively safe: The security and privacy practices of households with older adults. Proc. ACM Hum.-Comput. Interact., 5(CSCW1), apr 2021.
  50. Informal support networks: An investigation into home data security practices. In Proceedings of the Fourteenth USENIX Conference on Usable Privacy and Security, SOUPS ’18, page 63–82, USA, 2018. USENIX Association.
  51. Mobile Fact Sheet.
  52. Privacy Attitudes and COVID Symptom Tracking Apps: Understanding Active Boundary Management by Users. In Malte Smits, editor, Information for a Better World: Shaping the Global Future, pages 332–346, Cham, 2022. Springer International Publishing.
  53. Reducing permission requests in mobile apps. In Proceedings of the Internet Measurement Conference, IMC ’19, page 259–266, New York, NY, USA, 2019. Association for Computing Machinery.
  54. Computer help at home: methods and motivations for informal technical support. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI ’09, pages 739–748, New York, NY, USA, April 2009. Association for Computing Machinery.
  55. Identifying patterns in informal sources of security information. Journal of Cybersecurity, 1(1):121–144, September 2015. Publisher: Oxford Academic.
  56. Android user privacy preserving through crowdsourcing. IEEE Transactions on Information Forensics and Security, 13(3):773–787, 2018.
  57. 50 ways to leak your data: An exploration of apps’ circumvention of the android permissions system. In WINTER 2019, VOL. 44, NO. 4, pages 603–620, Boston, MA, United States, 2019. USENIX.
  58. I think they’re trying to tell me something: Advice sources and selection for digital security. In 2016 IEEE Symposium on Security and Privacy (SP), pages 272–288. IEEE, 2016.
  59. A temporal permission analysis and enforcement framework for android. In Proceedings of the 40th International Conference on Software Engineering, ICSE ’18, page 846–857, New York, NY, USA, 2018. Association for Computing Machinery.
  60. Seymour B Sarason. The psychological sense of community: Prospects for a community psychology. Jossey-Bass, 1974.
  61. Learning assigned secrets for unlocking mobile devices. In Eleventh Symposium On Usable Privacy and Security (SOUPS 2015), pages 277–295, Ottawa, July 2015. USENIX Association.
  62. Cope: Enabling collaborative privacy management in online social networks. Journal of the American Society for Information Science and Technology, 62(3):521–534, 2011.
  63. A characterization of digital native approaches to mobile privacy and security. In Proceedings of the South African Institute of Computer Scientists and Information Technologists 2019, SAICSIT ’19, New York, NY, USA, 2019. Association for Computing Machinery.
  64. Americans and Digital Knowledge. Pew Research, October 2019.
  65. "we hold each other accountable": Unpacking how social groups approach cybersecurity and privacy together. In Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems, CHI ’20, page 1–12, New York, NY, USA, 2020. Association for Computing Machinery.
  66. Parental control vs. teen self-regulation: Is there a middle ground for mobile online safety? In Proceedings of the 2017 ACM Conference on Computer Supported Cooperative Work and Social Computing, CSCW ’17, page 51–69, New York, NY, USA, 2017. Association for Computing Machinery.
  67. Bo Zhang and Heng Xu. Privacy nudges for mobile applications: Effects on the creepiness emotion and privacy attitudes. In Proceedings of the 19th ACM Conference on Computer-Supported Cooperative Work; Social Computing, CSCW ’16, page 1676–1690, New York, NY, USA, 2016. Association for Computing Machinery.
  68. Mobile app recommendations with security and privacy awareness. In Proceedings of the 20th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD ’14, page 951–960, New York, NY, USA, 2014. Association for Computing Machinery.
Citations (4)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets